Isha, Thanks for the quick response and for the troubleshooting tips. It helped me track down our issue. It ended up being a misconfigured nifi.properties value.
Thanks again, Bill On Wed, Sep 15, 2021 at 2:08 AM Isha Lamboo <[email protected]> wrote: > Hi Bill, > > > > In a cluster all nodes should indeed apply the changes to the users.xml > and authorizations.xml. > > In fact, the nodes should refuse to reconnect if they detect a difference > in these files. > > > > First thing to verify is of course whether the two nodes successfully form > a cluster. > > Do you see “2/2 nodes” in the top left of the UI and what does the Cluster > window say (from the Hamburger menu)? > > > > Next would be file permissions on the users.xml and authorizations.xml. Is > the user NiFi runs under allowed to write to the files? > > If you happened to start NiFi as root for the initial run, those files > might be owned by root still. > > > > Also, are the authorizers.xml and login-identity-providers.xml identical > between the nodes? > > > > Next, are there any error in the nifi-app.log regarding the users file? > > > > These steps will hopefully identify the cause of the failed > synchronization. If not, please provide more of these details to us for > diagnosis. > > > > Regards, > > > > Isha > > > > > > *Van:* Bill Bauernschmidt <[email protected]> > *Verzonden:* dinsdag 14 september 2021 23:48 > *Aan:* [email protected] > *Onderwerp:* Auth issues with cluster > > > > I have installed a 2 node nifi cluster that is setup to authenticate via > OIDC with our auth server. I am able to login successfully with my initial > admin user on both nodes. This admin user exists in both nodes users.xml > files. I then created a new user using the UI. Auth works fine for this > user when one node is hit via the UI login but when the other node is hit > it gives me a "Unknown user with identity" message. Looking at the > users.xml files on the two nodes I see that the new user is in one node's > file but not the other. This lines up with the node being hit during login > and whether login is successful or not. When adding a new user in the UI > like this should it end up in both nodes users.xml files and if so what > should I look at to fix this in my cluster? > > > > Thanks, > > Bill > > >
